1. Field of the Invention
The present invention relates to a technique that sets a cipher system and a cipher key used for enciphering prior to communication wireless communication data exchanged by wireless between a wireless LAN access point and a terminal with a wireless LAN interfacing device to the access point and the terminal.
2. Description of the Related Art
The wireless LAN access point such as a repeater and a router has increasingly been used as a device for connecting remotely located multiple computers to the Internet not only in a place such as a private house, office, etc., where specified persons work continuously (hereunder, this place will be called a private space), but also in a place such as a hotel, air port, shopping district, park, station, etc., where unspecified and numerous people are in action temporarily (hereunder, this place will be called a public space). For example, a service is proposed which connects the access point to a broadband network that realizes a high-speed Internet interfacing service such as an xDSL line or a CATV line while locating the access point to a public space, and thereby provides a space (hereunder, called a free spot) where unspecified and numerous people in a wireless communication area that the radio waves transmitted from the access point reach can freely access the Internet. That is, this service opens the broadband network that the manager of the public space subscribes to the users who have the terminals and want to use the public space, by using the wireless LAN access point. This service enhances facility for the users connecting the Internet, and promotes wide use of the public space.
In such a free spot, there is a case that authorizes the right for connecting the Internet through the wireless LAN in a wireless communication area only to limited persons (customers, for example); in such a case, it was necessary to prevent fraudulent intrusion into the network by unauthorized persons. Since the wireless communication waves are frequently emitted between the terminals many people own and the access point in a free spot where many people gather, it was also necessary to securely prevent the radio waves from being intercepted in the wireless communication area to leak the communication contents to the third party, in order to protect the privacies of many people securely sufficiently.
In regard to the wireless LAN, various security techniques have been proposed which prevent the fraudulent intrusion into the network and the leakage of the communication contents to the third party. For example, a technique is proposed which utilizes MAC (Media Access Control) addresses being inherent identifying numbers assigned in advance to wireless LAN interfacing devices (for example, wireless LAN adapter) mounted on the terminals, registers the MAC addresses to the access point, makes the access point authenticate the MAC addresses accompanied with the accesses from the terminals, and rejects a request from a terminal requiring the access point to connect the network, if the terminal address is a MAC address other than the registered MAC addresses (hereunder, called the MAC address limitations, refer to JPA No. 320373/2001). Also, a technique is proposed which sets WEP (Wired Equivalent Privacy) keys to the terminals and the access point as the common cipher keys, enciphers the contents of data exchanged between the terminals and the access point by using the WEP keys, and if the data are leaked, makes the analysis of data contents difficult, and makes the data contents unknown (hereunder, called the WEP encryption, refer to JPA No. 345819/2001).
Therefore, in order to realize a free spot with the security established, it was necessary to perform in advance of using the free spot the registering of MAC addresses and the setting of WEP keys as to the terminals of the persons who want to use the free spot.
However, the above conventional security techniques had to perform the registering of MAC addresses to the access point and the setting of WEP keys to the terminals by manual operations, which involved complicated and troublesome works when newly adding a terminal using the wireless LAN. Especially in a free spot provided to a public space, there are a lot of people who intend to use the free spot, and the number thereof increases gradually. It was extremely inconvenient and unrealistic to impose the terminal operations relating to the registering of MAC addresses and the setting of WEP keys on such numerous terminal owners as the condition for using the free spot.
In order to set the WEP key having been set to the terminal with arbitrary character strings also to the access point, it is reasonable to set it by using a wireless LAN. That is, the terminal should transmit a radio wave with the data of the WEP key superposed toward the access point, and the access point receiving this should set the WEP key as to the concerned terminal. If this arrangement is made, the terminal owner is able to use various services (for example, connection to the Internet) through the wireless LAN immediately after the WEP key is transmitted. However, to transmit the WEP key by means of wireless in this manner involves the apprehension that the radio wave will be intercepted between the terminal and the access point, and WEP key will leak to the third party. If this becomes real, the third party acquiring the leaked WEP key becomes able to analyze all the data exchanged between the terminal with the WEP key set and the access point, and able to know the contents of the data. If this is real, the security system by encryption will collapse. Especially, the access point in the free spot performs the setting of the WEP key as to the terminals of great many people who want to use the free spot. Accordingly, it is necessary to prevent the WEP key from leaking securely sufficiently, and to keep the secrets of communication contents of great many users securely sufficiently.
Further in recent years, the wireless LAN interfacing device and the access point have been developed which meet plural cipher systems. In this case, there is intricacy of the user selecting the cipher systems as well as troublesomeness of the setting. And, in case the cipher systems have differences in the security level, if a user intends to enhance the security level of the currently used cipher system as much as possible, the user has to be reconciled to a cipher system of a lower security level because of the troublesomeness.